Commit Graph

221 Commits

Author SHA1 Message Date
Malte Poll
4a8ebfd921 OS images: use "ref", "stream" and "version"
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
2022-12-09 13:37:43 +01:00
Paul Meyer
4795fe9695 hack: create latest endpoint in add-version script
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 13:37:43 +01:00
Paul Meyer
f23a2fe073 hack: implement new api for add-version script
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 13:37:43 +01:00
Paul Meyer
4c2ffe7905
Update Google SDK (#760)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 10:59:18 +01:00
Paul Meyer
9b1551e76a dependencies: migrate go-genproto to google-cloud-go
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 13:27:15 +01:00
Paul Meyer
eff3dd8aea dependencies: upgrade containerd module
Fixes CVE-2022-23471.

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-08 13:27:15 +01:00
renovate[bot]
953381848b
Update module golang.org/x/crypto to v0.4.0 (#751)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 17:36:27 +01:00
Paul Meyer
3cc2a714a4
dependencies: upgrade to Go v1.19.4 (#732)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 14:27:43 +01:00
Moritz Sanft
286803fb97
AB#2579 Add constellation iam create command (#624) 2022-12-07 11:48:54 +01:00
renovate[bot]
e17db4b428
Update module github.com/schollz/progressbar/v3 to v3.12.2 (#739)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-12-07 09:33:57 +01:00
renovate[bot]
63f74f0d65
Update module github.com/go-git/go-git/v5 to v5.5.0 (#735)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 18:51:06 +01:00
renovate[bot]
64c6c6b005
Update module github.com/aws/smithy-go to v1.13.5 (#728)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 16:27:15 +01:00
renovate[bot]
364db78420
Update Terraform azurerm to v3.34.0 (#726)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 13:42:49 +01:00
renovate[bot]
b3a135a166
Update Terraform azuread to ~> 2.31.0 (#720)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:57:37 +01:00
renovate[bot]
8bf92bb6e5
Update module golang.org/x/sys to v0.3.0 (#721)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:56:08 +01:00
renovate[bot]
59076b0664
Update Terraform aws to v4.45.0 (#710)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-05 16:35:38 +01:00
Paul Meyer
0a5c768088 versionsapi: enable debug stream for add-version
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:49:17 +01:00
Paul Meyer
9c9c8e3d46 versionsapi: rename package
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 18:49:17 +01:00
Malte Poll
a50e82fd1a
pseudo-version: Use committer time (#707) 2022-12-02 16:34:11 +01:00
renovate[bot]
6e84958b84
Update AWS SDK (#679)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 11:10:56 +01:00
renovate[bot]
3e343ed185
Update module go.uber.org/zap to v1.24.0 (#703)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:53:27 +01:00
renovate[bot]
b20e9b3cd4
Update google.golang.org/genproto digest to e3fa12d (#704)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:35:32 +01:00
renovate[bot]
68bf23b760
Update Terraform aws to v4.44.0 (#702)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-01 18:46:31 +01:00
Malte Poll
85d723ccbd Change path for version API:
- Rename "updates" -> "versions"
- Add explicit "stream" in path to make API self-describing
2022-11-30 16:36:12 +01:00
Paul Meyer
56beb05170 debugd: implement qemu log collection
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 16:26:25 +01:00
Malte Poll
9537fb73c0 use constants for default CDN paths 2022-11-30 12:35:12 +01:00
Malte Poll
3aa51df74d Add release trigger to make image versions available via CDN 2022-11-30 12:35:12 +01:00
renovate[bot]
fe74c937b9
Update Terraform azurerm to v3.33.0 (#678)
* Update Terraform azurerm to v3.33.0
* [bot] Update HCL lock files

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-30 11:41:31 +01:00
renovate[bot]
5b23a071ac
Update module github.com/sigstore/sigstore to v1.4.6 (#667)
* Update module github.com/sigstore/sigstore to v1.4.6
* [bot] Tidy all modules

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-30 11:32:59 +01:00
renovate[bot]
7c744c0837
Update Terraform aws to v4.43.0 (#672)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-30 11:22:09 +01:00
Paul Meyer
1663b3d795 hack: add script to remove terraform providers
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 18:47:30 +01:00
renovate[bot]
fffd2b79f2
Update Terraform google to v4.44.1 (#666)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:45:07 +01:00
renovate[bot]
a32f9ae752
Update k8s.io/utils digest to 99ec85e (#664)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:01:29 +01:00
renovate[bot]
6ba9c32f55
Update AWS SDK (#530)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 13:45:06 +01:00
Leonard Cohnen
3b6bc3b28f initserver: add client verification 2022-11-28 19:34:02 +01:00
Daniel Weiße
d52f3db2a3
AB#2644 Fetch measurements from CDN (#653)
* Fetch measurements from CDN

* Perform metadata validation on fetched measurements

* Remove deprecated public bucket

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-28 10:27:33 +01:00
Nils Hanke
89b25f8ebb
Add new generate measurements matrix CI/CD action (now with AWS support) (#641) 2022-11-25 12:08:24 +01:00
Daniel Weiße
67d0424f0e
AB#2639 Add functions to fetch k8s and helm version of Constellation (#637)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 16:39:33 +01:00
Daniel Weiße
f8001efbc0
Refactor enforced/expected PCRs (#553)
* Merge enforced and expected measurements

* Update measurement generation to new format

* Write expected measurements hex encoded by default

* Allow hex or base64 encoded expected measurements

* Allow hex or base64 encoded clusterID

* Allow security upgrades to warnOnly flag

* Upload signed measurements in JSON format

* Fetch measurements either from JSON or YAML

* Use yaml.v3 instead of yaml.v2

* Error on invalid enforced selection

* Add placeholder measurements to config

* Update e2e test to new measurement format

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-24 10:57:58 +01:00
renovate[bot]
d8c553207b
Update Terraform google to v4.44.0 (#622)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 14:30:40 +01:00
renovate[bot]
22f9e2ed4b
Update module github.com/talos-systems/talos/pkg/machinery to v1.2.7 (#619)
* Update module github.com/talos-systems/talos/pkg/machinery to v1.2.7
* [bot] Tidy all modules
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-22 14:18:13 +01:00
renovate[bot]
928fdcff76
Update google.golang.org/genproto digest to 1645502 (#585)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-22 13:32:23 +01:00
renovate[bot]
fad198aa2e
Update module google.golang.org/api to v0.103.0 (#595)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 14:45:48 +01:00
renovate[bot]
d7ace99a66
Update module google.golang.org/grpc to v1.51.0 (#598)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 12:15:02 +01:00
Moritz Sanft
b8d991f84c
AB#2577 Implement GCP IAM in terraform (#567)
* AB#2577 Add GCP TF Config & Documentation

[no ci] wip

AB#2577 Add GCP TF config & Docs

* Download lockfile

* Remove IAM input variables from output
2022-11-21 08:43:13 +01:00
Nils Hanke
ade8fa323f Remove case-sensitive duplicate file 2022-11-18 16:07:29 +01:00
renovate[bot]
b4653152ee
Update libvirt.org/go to v1.8009.0 (#593)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 15:56:39 +01:00
renovate[bot]
54ef6d21f4
Update Terraform aws to v4.40.0 (#586)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-18 15:41:02 +01:00
renovate[bot]
86b03bf08e
Update Terraform azurerm to v3.32.0 (#588)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-18 14:57:34 +01:00
Malte Poll
786264edbc Add hack script to locate latest debug image 2022-11-18 12:08:34 +01:00